2 matches found
CVE-2017-15875
SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter...
CVE-2017-15875
CVE-2017-15875 documents a SQL injection vulnerability in GPWeb Password Recovery, version 8.4.61. The vulnerability allows remote attackers to execute arbitrary SQL commands via the checkemail parameter. Connected sources confirm the affected product/version and the injection vector, but do not ...